Digital investigation of wireless sensor networks - IRIS mote
Source of Publication
2018 International Conference on Advanced Computer Science and Information Systems, ICACSIS 2018
© 2018 IEEE. For forensically analyzing incidents, it is important to gather as much data about the incident as possible. In the case of WSNs, this means that data has to be extracted from the sensor nodes, when a compromise or other security incident occurs. Among the data to be extracted are the program running on the node, so it can be analyzed for tampering, as well as the log and configuration flash memory usually stored on a separate chip on the sensor node. In this paper we will present how to perform an extraction of RAM, program memory, and flash memory with their necessary tools, and steps. Finally, information about the compromise can be gathered from the node’s RAM, program, and flash memory especially if for example a vulnerability in the software running on the node was exploited, the (commonly small) RAM, program, and flash memory can be examined for anomalies.
Institute of Electrical and Electronics Engineers Inc.
Data mining; Flash memory; Information systems; Information use; Random access storage; Digital investigation; Program memory; Security incident; Sensor nodes
Rahartomo, Argianto; Bochem, Arne; and Alfandi, Omar, "Digital investigation of wireless sensor networks - IRIS mote" (2019). All Works. 1274.
Indexed in Scopus